Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What is wrong with my computer?


  • This topic is locked This topic is locked
20 replies to this topic

#1 jaguiar45

jaguiar45

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California, USA
  • Local time:05:49 PM

Posted 03 November 2011 - 09:07 AM

On Oct. 14th and 16th Superantispyware found Trojan.Agent/Gen 3 times and on the 14th also Malwarebytes found Trojan.FakeAlert and since then I have been wary of something in my computer and all of the sudden I would be on Google Chrome and a page I was on would go to the bottom of the page by itself and I would not be able to move the page back up, and the top search bar (blinking line) would run all the way across by itself. I ran all the same detectors in safe mode plus Spybot and Avira, all full scans, and it didn't find anything. I ran Rootkit Reavealer and it came up with 4 discrepancies but I have no idea of what to do with it. Is there anything that can be done? I have run online scans but they never find anything and I'm pretty sure there is something in my computer. Thanks, John

Edited by jaguiar45, 03 November 2011 - 09:34 AM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,012 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:08:49 PM

Posted 03 November 2011 - 05:59 PM

Hello,

Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.

If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 jaguiar45

jaguiar45
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California, USA
  • Local time:05:49 PM

Posted 04 November 2011 - 06:13 PM

There are 3 reports that I attached, not sure if that is what I was supposed to do. Hope you can read them ok. Thanks, John

Attached Files



#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,744 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:49 PM

Posted 08 November 2011 - 09:10 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/426145 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#5 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:49 AM

Posted 09 November 2011 - 06:34 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

----------------------------------------------

I'm inclined to agree with the scan results from what I have seen in your logs.

Firstly though, please remove one of your antiviruses. I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either AVG or Antivir.

When you've done that please run aswMBR

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Posted Image
m0le is a proud member of UNITE

#6 jaguiar45

jaguiar45
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California, USA
  • Local time:05:49 PM

Posted 09 November 2011 - 08:15 PM

Here it is and by the way I don't have AVG I looked for it with "search" and AVG apparently is also a name Avira goes by in abbreviated form. Also I did the first reply but didn't update Avast so I updated it and did another one and here it is:

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-09 17:17:47
-----------------------------
17:17:47.734 OS Version: Windows 5.1.2600 Service Pack 3
17:17:47.734 Number of processors: 2 586 0x403
17:17:47.734 ComputerName: AGUIAR-HOME UserName: John
17:17:48.343 Initialize success
17:20:30.421 AVAST engine defs: 11110901
17:20:35.656 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
17:20:35.656 Disk 0 Vendor: WDC_WD2000JD-22HBB0 08.02D08 Size: 190782MB BusType: 3
17:20:37.671 Disk 0 MBR read successfully
17:20:37.671 Disk 0 MBR scan
17:20:37.703 Disk 0 Windows XP default MBR code
17:20:37.703 Disk 0 scanning sectors +390700800
17:20:37.781 Disk 0 scanning C:\WINDOWS\system32\drivers
17:20:49.953 Service scanning
17:20:50.359 Service vsdatant C:\WINDOWS\System32\vsdatant.sys **LOCKED** 32
17:20:50.875 Modules scanning
17:20:53.859 Disk 0 trace - called modules:
17:20:53.890 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
17:20:53.890 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a65dab8]
17:20:53.890 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x8a643d98]
17:20:54.281 AVAST engine scan C:\WINDOWS
17:21:02.031 AVAST engine scan C:\WINDOWS\system32
17:23:33.234 AVAST engine scan C:\WINDOWS\system32\drivers
17:23:51.015 AVAST engine scan C:\Documents and Settings\John
17:27:54.718 AVAST engine scan C:\Documents and Settings\All Users
17:28:47.421 Scan finished successfully
17:29:20.671 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\John\Desktop\MBR.dat"
17:29:20.671 The log file has been saved successfully to "C:\Documents and Settings\John\Desktop\aswMBR.txt"
17:29:35.656 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\John\Desktop\MBR.dat"
17:29:35.656 The log file has been saved successfully to "C:\Documents and Settings\John\Desktop\aswMBR 2.txt"

Edited by jaguiar45, 09 November 2011 - 08:31 PM.


#7 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:49 AM

Posted 09 November 2011 - 08:39 PM

AVG apparently is also a name Avira goes by in abbreviated form


No, it doesn't. That is AVG and it's a completely separate antivirus. You may have some registry entries left over from a trial so please use the uninstaller.

AVG 32 bit

http://download.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe

64 bit

http://www.avg.com/filedir/util/avg_arv_sup_____.dir/avgremoverx64.exe


Can you please run OTL next

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Posted Image
m0le is a proud member of UNITE

#8 jaguiar45

jaguiar45
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California, USA
  • Local time:05:49 PM

Posted 09 November 2011 - 10:21 PM

I am just going copy both of the reports, sorry if it's wrong. I was looking at the "extras" and it lists a whole bunch of antiviruses and while I don't remember downloading all of them I did try alot but removed them. Kaspersky is particularly difficult to get rid of. I ran the AVG remover and it left a log that I include at the end of this, it does not seem to be able to find it.


OTL logfile created on: 11/9/2011 7:06:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\John\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 71.21% Memory free
3.33 Gb Paging File | 2.82 Gb Available in Paging File | 84.63% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186.30 Gb Total Space | 141.16 Gb Free Space | 75.77% Space Free | Partition Type: NTFS
Drive D: | 626.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 700.26 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: AGUIAR-HOME | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\John\desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll ()
MOD - C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll ()


========== Win32 Services (SafeList) ==========

SRV - (getPlusHelper) getPlus® -- File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (vsmon) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (nosGetPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (E4SSJq) -- C:\Program Files\CPUID\PC Wizard 2009\Data\pcwizntl.exe (CPUID)
SRV - (1uIYho) -- C:\Program Files\CPUID\PC Wizard 2009\Data\pcwizntl.exe (CPUID)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (LicCtrlService) -- C:\WINDOWS\Runservice.exe ()


========== Driver Services (SafeList) ==========

DRV - (AVGIDSEH) -- File not found
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (rspSanity) -- C:\WINDOWS\system32\drivers\rspSanity32.sys (Resplendence Software Projects Sp.)
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (kl2) -- C:\WINDOWS\system32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab ZAO)
DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys ()
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (papycpu) -- C:\WINDOWS\system32\drivers\papycpu.sys ()
DRV - (papyjoy) -- C:\WINDOWS\system32\drivers\papyjoy.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A8 43 70 D6 FC 93 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_18.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.60818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.100: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Virtools SA)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\John\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\John\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\John\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\John\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 06:28:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/10/08 13:41:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011/06/08 10:09:11 | 000,000,000 | ---D | M]

[2010/09/14 10:46:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John\Application Data\Mozilla\Extensions
[2008/09/19 21:26:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John\Application Data\Mozilla\Extensions\{6334D996-EA3E-4a0e-AA8D-15BA56B37241}
[2009/09/10 11:44:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John\Application Data\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2010/01/12 16:18:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John\Application Data\Mozilla\Extensions\mozswing@mozswing.org

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\17.0.932.0\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\17.0.932.0\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\17.0.932.0\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_18.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\John\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\John\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U1 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\John\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: getPlusPlus for Adobe 162100 (Enabled) = C:\Program Files\NOS\bin\np_gp.dll
CHR - plugin: 3DVIA Player (Enabled) = C:\Program Files\Virtools\3D Life Player\npvirtools.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.60818.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: WOT = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.4_0\
CHR - Extension: YouTube = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.12_0\
CHR - Extension: Full Screen Weather = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.1_0\
CHR - Extension: Crackle = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic\7.1.2_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2011/11/09 12:54:06 | 000,438,394 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15080 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled [2011/05/10 07:33:56 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\John\Start Menu\Programs\Startup\AutorunsDisabled [2011/01/17 14:25:47 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - Reg Error: Key error. File not found
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: $talisma_url$ ([]https in Trusted sites)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94C29F52-7D09-491B-B5C5-E9A027038351}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\John\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\John\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/11/30 20:59:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/12/14 21:21:26 | 000,765,952 | R--- | M] (Quarium, Inc.) - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2001/11/21 20:59:50 | 000,000,053 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2004/08/22 20:27:36 | 000,000,000 | R--D | M] - E:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2004/08/22 20:20:52 | 000,659,456 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2004/08/05 09:04:12 | 000,573,440 | R--- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2004/08/11 21:25:07 | 000,000,099 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (a)
O34 - HKLM BootExecute: (u)
O34 - HKLM BootExecute: (t)
O34 - HKLM BootExecute: (o)
O34 - HKLM BootExecute: ©
O34 - HKLM BootExecute: (h)
O34 - HKLM BootExecute: (k)
O34 - HKLM BootExecute: (*)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Value error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/11/09 18:59:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\John\Desktop\OTL.exe
[2011/11/09 18:57:38 | 000,718,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\John\Desktop\avgremover.exe
[2011/11/09 18:51:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John\Desktop\save logs
[2011/11/09 17:17:24 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\John\Desktop\aswMBR.exe
[2011/11/09 17:08:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John\Application Data\Windows Search
[2011/11/09 13:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Security Test 2011
[2011/11/09 13:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\AxBx
[2011/11/09 12:39:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\John\Recent
[2011/11/07 19:50:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John\Application Data\GlarySoft
[2011/11/07 19:48:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Glary Utilities
[2011/11/07 19:47:59 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2011/11/07 18:25:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EA GAMES
[2011/11/07 18:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John\Start Menu\Programs\GameSpy Arcade
[2011/11/07 18:25:19 | 000,000,000 | ---D | C] -- C:\Program Files\GameSpy Arcade
[2011/11/07 15:15:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John\Local Settings\Application Data\PCHealth
[2011/11/07 15:08:41 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sxs.dll
[2011/11/07 15:01:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John\Application Data\Windows Desktop Search
[2011/11/07 14:50:29 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32spl.dll
[2011/11/07 14:50:29 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msw3prt.dll
[2011/11/07 14:48:18 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uexfat.dll
[2011/11/07 14:48:18 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uexfat.dll
[2011/11/07 14:48:17 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ulib.dll
[2011/11/07 14:48:17 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exfat.sys
[2011/11/07 14:47:09 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntprint.dll
[2011/11/07 14:46:06 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipnathlp.dll
[2011/11/07 14:45:00 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2fs.dll
[2011/11/07 14:45:00 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2fs.dll
[2011/11/07 14:45:00 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2.dll
[2011/11/07 14:45:00 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2.dll
[2011/11/07 14:45:00 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdrom.sys
[2011/11/07 14:32:47 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2011/11/07 14:32:47 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdsapi.dll
[2011/11/07 14:32:46 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netlogon.dll
[2011/11/07 14:32:46 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gptext.dll
[2011/11/07 14:32:46 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32time.dll
[2011/11/07 14:32:46 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsuiext.dll
[2011/11/07 14:32:46 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsmsext.dll
[2011/11/07 14:25:07 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2011/11/07 14:12:32 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxdav.sys
[2011/11/07 14:08:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Rising
[2011/11/07 14:07:43 | 000,000,000 | ---D | C] -- C:\Program Files\Rising
[2011/11/06 20:33:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2011/11/06 20:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\PCPitstop
[2011/11/05 15:00:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John\Application Data\WinPatrol
[2011/11/05 15:00:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
[2011/11/05 15:00:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/11/05 15:00:30 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2011/11/02 15:34:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/11/02 07:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/11/02 07:36:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2011/11/02 07:21:45 | 000,417,952 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2011/10/24 13:29:02 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2011/10/24 13:29:02 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2011/10/22 14:10:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/10/19 06:59:59 | 000,214,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2011/10/19 06:59:59 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2011/10/19 06:59:59 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2011/10/15 16:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John\Start Menu\Programs\Event Log Explorer
[2011/10/15 16:00:14 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2011/10/15 16:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\Event Log Explorer
[2011/10/14 12:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2011/10/12 16:33:28 | 000,027,192 | ---- | C] (Resplendence Software Projects Sp.) -- C:\WINDOWS\System32\drivers\rspSanity32.sys
[2011/10/12 16:21:53 | 000,000,000 | ---D | C] -- C:\Backreg
[2011/10/11 07:05:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John\Desktop\New Folder
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/09 19:06:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FB2BA001-FAA4-412A-93C3-73ADCE30BD92}.job
[2011/11/09 19:05:21 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1202660629-1770027372-725345543-1003.job
[2011/11/09 19:05:21 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1202660629-1770027372-725345543-1003.job
[2011/11/09 18:59:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John\Desktop\OTL.exe
[2011/11/09 18:57:40 | 000,718,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\John\Desktop\avgremover.exe
[2011/11/09 18:34:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1770027372-725345543-1003UA.job
[2011/11/09 18:16:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2011/11/09 17:17:37 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\John\Desktop\aswMBR.exe
[2011/11/09 16:34:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1770027372-725345543-1003Core.job
[2011/11/09 16:08:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/09 14:51:40 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/11/09 14:35:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/09 14:34:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/09 13:47:13 | 000,002,052 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/11/09 13:15:16 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\John\Desktop\HiJackThis.lnk
[2011/11/09 12:54:06 | 000,438,394 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/11/09 12:52:28 | 000,001,041 | ---- | M] () -- C:\Documents and Settings\John\Desktop\Spybot - Search & Destroy.lnk
[2011/11/09 10:14:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/11/08 08:16:36 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\John\Desktop\Google Chrome.lnk
[2011/11/08 08:16:36 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\John\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/08 08:01:00 | 000,000,434 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2011/11/07 15:53:52 | 000,417,952 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2011/11/07 15:53:52 | 000,069,792 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/11/07 15:01:03 | 000,463,416 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/07 15:01:03 | 000,079,300 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/04 13:37:55 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\John\defogger_reenable
[2011/11/02 10:11:06 | 000,438,110 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111109-125406.backup
[2011/10/30 13:02:01 | 000,002,580 | ---- | M] () -- C:\WINDOWS\eReg.dat
[2011/10/28 09:30:44 | 000,551,432 | ---- | M] () -- C:\Documents and Settings\John\Local Settings\Application Data\census.cache
[2011/10/28 09:30:36 | 000,180,905 | ---- | M] () -- C:\Documents and Settings\John\Local Settings\Application Data\ars.cache
[2011/10/26 11:51:42 | 000,437,876 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111102-111106.backup
[2011/10/25 08:19:15 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/24 13:29:02 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2011/10/24 13:29:02 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2011/10/24 07:08:37 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011/10/24 07:06:54 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/10/23 17:56:44 | 000,000,878 | ---- | M] () -- C:\Documents and Settings\John\Desktop\Registry Mechanic.lnk
[2011/10/19 15:57:40 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/19 15:57:39 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/19 09:39:37 | 000,437,990 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111026-125142.backup
[2011/10/19 06:59:43 | 000,544,656 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2011/10/19 06:59:43 | 000,214,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2011/10/19 06:59:43 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2011/10/19 06:59:43 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2011/10/19 06:59:43 | 000,128,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2011/10/17 13:52:42 | 000,437,835 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111019-103937.backup
[2011/10/15 16:33:14 | 000,605,472 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\John\My Documents\autorunsc.exe
[2011/10/15 16:27:16 | 000,001,848 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2011/10/14 12:07:35 | 000,421,443 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/10/14 12:06:48 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\John\Desktop\ZoneAlarm Security.lnk
[2011/10/14 11:29:11 | 000,009,199 | ---- | M] () -- C:\Documents and Settings\John\My Documents\Unexplained deaths.rtf
[2011/10/14 08:42:33 | 000,014,131 | ---- | M] () -- C:\Documents and Settings\John\My Documents\Good idea for viruses on computer.rtf
[2011/10/13 15:34:28 | 000,437,835 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111017-145242.backup
[2011/10/12 19:54:11 | 000,101,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/12 15:37:30 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/10/12 15:37:30 | 000,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/10/12 15:37:30 | 000,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/09 13:47:13 | 000,002,052 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/11/07 15:07:17 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2011/11/04 13:37:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\John\defogger_reenable
[2011/11/02 07:21:46 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2011/10/14 08:42:33 | 000,014,131 | ---- | C] () -- C:\Documents and Settings\John\My Documents\Good idea for viruses on computer.rtf
[2011/10/12 15:37:30 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2011/10/11 06:19:02 | 000,001,848 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2011/10/10 07:27:56 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\John\Local Settings\Application Data\housecall.guid.cache
[2011/07/15 13:15:49 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe
[2011/05/19 13:27:29 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2011/05/13 09:19:50 | 000,551,432 | ---- | C] () -- C:\Documents and Settings\John\Local Settings\Application Data\census.cache
[2011/05/13 09:19:19 | 000,180,905 | ---- | C] () -- C:\Documents and Settings\John\Local Settings\Application Data\ars.cache
[2011/01/17 13:41:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\N360BUOptions.ini
[2010/12/14 18:10:12 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/12/14 18:10:12 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/08/28 11:45:20 | 000,000,314 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/07/23 17:10:46 | 000,000,766 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2010/07/14 20:27:39 | 000,011,264 | ---- | C] () -- C:\WINDOWS\DCEBoot.exe
[2010/03/01 16:50:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\John\Local Settings\Application Data\prvlcl.dat
[2010/02/24 20:01:19 | 000,013,912 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/02/09 22:00:26 | 000,000,122 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2010/02/03 12:46:05 | 000,016,852 | -HS- | C] () -- C:\Documents and Settings\John\Local Settings\Application Data\6j3B46
[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2009/03/14 13:37:15 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.8.65951.477_XP_Vista_x32.INI
[2009/03/03 11:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/02/11 18:06:39 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\papycpu.sys
[2009/02/11 18:06:39 | 000,001,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\papyjoy.sys
[2009/01/13 16:14:03 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/01/05 15:44:10 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/11/25 11:14:47 | 000,000,041 | ---- | C] () -- C:\WINDOWS\MSREGUSR.INI
[2008/11/03 17:32:25 | 000,000,857 | -HS- | C] () -- C:\WINDOWS\System32\mmf.sys
[2008/11/03 17:32:23 | 000,045,056 | ---- | C] () -- C:\WINDOWS\mmfs.dll
[2008/11/03 17:32:23 | 000,002,560 | ---- | C] () -- C:\WINDOWS\Runservice.exe
[2008/09/17 16:41:22 | 000,042,320 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2008/09/02 10:08:05 | 000,139,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/09/02 10:07:58 | 000,111,928 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/09/02 10:07:52 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008/07/07 10:31:29 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008/07/02 08:33:17 | 000,000,086 | ---- | C] () -- C:\WINDOWS\SELATLAS.INI
[2008/07/01 16:34:31 | 000,000,039 | ---- | C] () -- C:\WINDOWS\Winhelp.INI
[2008/07/01 16:34:30 | 000,000,515 | ---- | C] () -- C:\WINDOWS\TrpMaker.INI
[2008/07/01 16:33:17 | 000,038,688 | ---- | C] () -- C:\WINDOWS\System32\LEADDIB.DRV
[2008/07/01 16:32:57 | 000,011,136 | ---- | C] () -- C:\WINDOWS\System32\FPRUN300.DLL
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/02/11 12:25:00 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/12/26 00:05:35 | 000,000,297 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/12/13 15:54:19 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007/12/08 22:55:17 | 000,001,381 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/12/05 22:29:37 | 000,174,080 | ---- | C] () -- C:\Documents and Settings\John\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/04 15:04:05 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2007/12/03 17:09:34 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007/12/03 15:00:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/12/03 14:18:49 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2007/12/03 14:06:07 | 000,002,580 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2007/12/03 13:36:33 | 000,001,286 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/12/03 13:17:36 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2007/12/03 10:51:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/11/30 21:01:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/11/30 20:55:33 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/11/30 12:31:11 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/11/30 12:29:38 | 000,101,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/02/28 04:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 04:00:00 | 000,463,416 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 04:00:00 | 000,079,300 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 04:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 04:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2000/09/08 17:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll

========== LOP Check ==========

[2010/10/12 13:45:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/06/19 07:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2011/11/05 15:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2009/03/04 20:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2010/10/12 13:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/08/12 08:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/11/06 20:38:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2011/11/09 14:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rising
[2011/11/09 18:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/05/04 09:53:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2011/07/23 11:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\3M
[2010/03/30 14:22:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\CheckPoint
[2009/10/16 19:09:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/08/30 19:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\DeepBurner
[2011/07/23 11:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\GetRightToGo
[2011/11/09 13:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\GlarySoft
[2009/05/29 20:58:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\iolo
[2011/10/06 17:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\JAM Software
[2009/05/09 13:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\MxBoost
[2008/10/29 07:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\My Games
[2011/09/03 12:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Octoshape
[2008/09/20 08:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Participatory Culture Foundation
[2008/09/20 07:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\PCF-VLC
[2011/07/15 18:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Privacy Guardian
[2011/06/06 14:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\QuickScan
[2011/10/13 08:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Registry Mechanic
[2011/10/15 18:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\SystemRequirementsLab
[2011/01/17 14:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Tific
[2010/06/21 17:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\VSO
[2011/11/07 15:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Windows Desktop Search
[2011/11/09 17:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Windows Search
[2011/11/05 15:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\WinPatrol
[2011/11/08 08:01:00 | 000,000,434 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2011/07/15 18:24:23 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2011/11/09 18:41:00 | 000,032,144 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011/11/09 19:06:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{FB2BA001-FAA4-412A-93C3-73ADCE30BD92}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\ipconfig.exe:SummaryInformation
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:42D9E231
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >


OTL Extras Log:


OTL Extras logfile created on: 11/9/2011 7:06:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\John\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 71.21% Memory free
3.33 Gb Paging File | 2.82 Gb Available in Paging File | 84.63% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186.30 Gb Total Space | 141.16 Gb Free Space | 75.77% Space Free | Partition Type: NTFS
Drive D: | 626.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 700.26 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: AGUIAR-HOME | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Value error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- ()
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe:*:Enabled:Kaspersky Anti-Virus 6.0
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"C:\Program Files\7-Zip\7zFM.exe" = C:\Program Files\7-Zip\7zFM.exe:*:Enabled:7-Zip File Manager -- (Igor Pavlov)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner
"C:\Documents and Settings\John\Local Settings\Temp\7zS4.tmp\SymNRT.exe" = C:\Documents and Settings\John\Local Settings\Temp\7zS4.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Documents and Settings\John\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\John\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{026C3D27-9BE1-46BE-BEAE-6DE38A0F4FBE}" = RealNetworks - Microsoft Visual C++ 2005 Runtime
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java™ 7 Update 1
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{31034EBB-00BB-4703-00AB-3EB127F9EEDB}" = Madden NFL 2005
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA Player 4.1
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1" = VSO Image Resizer 4.0.0.30
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A66DBCC6-8802-3D15-9FDF-9552742C08B0}" = Google Talk Plugin
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2010.07.14
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1973749-F5E7-40EB-B528-F2B78685B9FF}" = essvcpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"7-Zip" = 7-Zip 9.22beta
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2005
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Call of Duty Game of the Year Edition" = Call of Duty Game of the Year Edition
"CCleaner" = CCleaner
"Conquest_is1" = Conquest 4.0
"DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
"Event Log Explorer_is1" = Event Log Explorer 3.3
"FileHippo.com" = FileHippo.com Update Checker
"GameSpy Arcade" = GameSpy Arcade
"Glary Utilities_is1" = Glary Utilities 2.39.0.1310
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"Hoyle Board Games 3" = Hoyle Board Games 3
"Hoyle Card Games 3" = Hoyle Card Games 3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PC SECURITY TEST 2011_is1" = PC SECURITY TEST 2011
"PC Wizard 2009_is1" = PC Wizard 2009.1.90
"PC Wizard 2010_is1" = PC Wizard 2010.1.96
"PrintMaster Gold 3.00" = PrintMaster Gold 3.00
"Privacy Guardian_is1" = Privacy Guardian 4.5
"RealPlayer 12.0" = RealPlayer
"Registry Mechanic_is1" = Registry Mechanic 10.0
"Revo Uninstaller" = Revo Uninstaller 1.93
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SystemRequirementsLab" = System Requirements Lab
"TreeSize Free_is1" = TreeSize Free V2.5
"TripMaker" = Rand McNally TripMaker
"Unlocker" = Unlocker 1.9.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"ZoneAlarm" = ZoneAlarm

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/26/2011 12:35:30 PM | Computer Name = AGUIAR-HOME | Source = Application Error | ID = 1000
Description = Faulting application recordingmanager.exe, version 12.0.1.647, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x000101b3.

Error - 8/1/2011 5:35:51 PM | Computer Name = AGUIAR-HOME | Source = Application Hang | ID = 1002
Description = Hanging application RealPlayer.exe, version 12.0.1.660, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/12/2011 11:40:56 AM | Computer Name = AGUIAR-HOME | Source = Application Hang | ID = 1002
Description = Hanging application sol.exe, version 5.1.2600.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/12/2011 11:41:03 AM | Computer Name = AGUIAR-HOME | Source = Application Hang | ID = 1002
Description = Hanging application sol.exe, version 5.1.2600.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/12/2011 11:49:17 AM | Computer Name = AGUIAR-HOME | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 8/18/2011 3:59:06 PM | Computer Name = AGUIAR-HOME | Source = Application Hang | ID = 1002
Description = Hanging application RealPlayer (2).exe, version 12.0.1.666, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/21/2011 4:00:24 PM | Computer Name = AGUIAR-HOME | Source = Chrome | ID = 1
Description =

Error - 8/23/2011 6:11:18 PM | Computer Name = AGUIAR-HOME | Source = Chrome | ID = 1
Description =

Error - 8/26/2011 3:51:20 PM | Computer Name = AGUIAR-HOME | Source = Chrome | ID = 1
Description =

Error - 8/27/2011 2:34:00 PM | Computer Name = AGUIAR-HOME | Source = Chrome | ID = 1
Description =

[ System Events ]
Error - 11/7/2011 6:19:20 PM | Computer Name = AGUIAR-HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
KL1 KLIF

Error - 11/7/2011 7:12:54 PM | Computer Name = AGUIAR-HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
KL1 KLIF

Error - 11/7/2011 7:48:35 PM | Computer Name = AGUIAR-HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
KL1 KLIF

Error - 11/8/2011 8:06:32 AM | Computer Name = AGUIAR-HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
KL1 KLIF

Error - 11/9/2011 9:43:38 AM | Computer Name = AGUIAR-HOME | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
2147749155 (0x80040D23).

Error - 11/9/2011 9:43:44 AM | Computer Name = AGUIAR-HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
KL1 KLIF

Error - 11/9/2011 9:43:57 AM | Computer Name = AGUIAR-HOME | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service WSearch with
arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 11/9/2011 9:43:57 AM | Computer Name = AGUIAR-HOME | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Windows Search service
to connect.

Error - 11/9/2011 9:43:57 AM | Computer Name = AGUIAR-HOME | Source = Service Control Manager | ID = 7000
Description = The Windows Search service failed to start due to the following error:
%%1053

Error - 11/9/2011 6:35:23 PM | Computer Name = AGUIAR-HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
KL1 KLIF


< End of report >

AVG LOG:

A2011-11-10 02:57:50,187 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2011-11-10 02:57:50,203 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2011-11-10 02:57:50,203 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2011-11-10 02:57:50,203 WARN AvgDir param empty.
2011-11-10 02:57:50,203 WARN AvgDataDir param empty.
2011-11-10 02:57:52,546 INFO AvgRemover runs in attempt number 1
2011-11-10 02:57:52,546 INFO ***** Services *****
2011-11-10 02:57:52,546 INFO Processing service avg8emc
2011-11-10 02:57:52,562 INFO Service avg8emc is not installed
2011-11-10 02:57:52,562 DEBUG Service avg8emc RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service avg8emc are not present
2011-11-10 02:57:52,562 INFO Processing service avgfws8
2011-11-10 02:57:52,562 INFO Service avgfws8 is not installed
2011-11-10 02:57:52,562 DEBUG Service avgfws8 RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service avgfws8 are not present
2011-11-10 02:57:52,562 INFO Processing service avg8wd
2011-11-10 02:57:52,562 INFO Service avg8wd is not installed
2011-11-10 02:57:52,562 DEBUG Service avg8wd RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service avg8wd are not present
2011-11-10 02:57:52,562 INFO Processing service AvgWFPx
2011-11-10 02:57:52,562 INFO Service AvgWFPx is not installed
2011-11-10 02:57:52,562 DEBUG Service AvgWFPx RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service AvgWFPx are not present
2011-11-10 02:57:52,562 INFO Processing service AvgWFPa
2011-11-10 02:57:52,562 INFO Service AvgWFPa is not installed
2011-11-10 02:57:52,562 DEBUG Service AvgWFPa RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service AvgWFPa are not present
2011-11-10 02:57:52,562 INFO Processing service AvgMfx86
2011-11-10 02:57:52,562 INFO Service AvgMfx86 is not installed
2011-11-10 02:57:52,562 DEBUG Service AvgMfx86 RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service AvgMfx86 are not present
2011-11-10 02:57:52,562 INFO Processing service AvgMfx64
2011-11-10 02:57:52,562 INFO Service AvgMfx64 is not installed
2011-11-10 02:57:52,562 DEBUG Service AvgMfx64 RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service AvgMfx64 are not present
2011-11-10 02:57:52,562 INFO Processing service AvgLdx86
2011-11-10 02:57:52,562 INFO Service AvgLdx86 is not installed
2011-11-10 02:57:52,562 DEBUG Service AvgLdx86 RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service AvgLdx86 are not present
2011-11-10 02:57:52,562 INFO Processing service AvgLdx64
2011-11-10 02:57:52,562 INFO Service AvgLdx64 is not installed
2011-11-10 02:57:52,562 DEBUG Service AvgLdx64 RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service AvgLdx64 are not present
2011-11-10 02:57:52,562 INFO Processing service AvgTdiX
2011-11-10 02:57:52,562 INFO Service AvgTdiX is not installed
2011-11-10 02:57:52,562 DEBUG Service AvgTdiX RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service AvgTdiX are not present
2011-11-10 02:57:52,562 INFO Processing service AvgTdiA
2011-11-10 02:57:52,562 INFO Service AvgTdiA is not installed
2011-11-10 02:57:52,562 DEBUG Service AvgTdiA RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service AvgTdiA are not present
2011-11-10 02:57:52,562 INFO Processing service AvgRkx86
2011-11-10 02:57:52,562 INFO Service AvgRkx86 is not installed
2011-11-10 02:57:52,562 DEBUG Service AvgRkx86 RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service AvgRkx86 are not present
2011-11-10 02:57:52,562 INFO Processing service AvgRkx64
2011-11-10 02:57:52,562 INFO Service AvgRkx64 is not installed
2011-11-10 02:57:52,562 DEBUG Service AvgRkx64 RegCleanup
2011-11-10 02:57:52,562 DEBUG Registry keys for service AvgRkx64 are not present
2011-11-10 02:57:52,562 INFO Processing service avg9emc
2011-11-10 02:57:52,578 INFO Service avg9emc is not installed
2011-11-10 02:57:52,578 DEBUG Service avg9emc RegCleanup
2011-11-10 02:57:52,578 DEBUG Registry keys for service avg9emc are not present
2011-11-10 02:57:52,578 INFO Processing service avgfws9
2011-11-10 02:57:52,578 INFO Service avgfws9 is not installed
2011-11-10 02:57:52,578 DEBUG Service avgfws9 RegCleanup
2011-11-10 02:57:52,578 DEBUG Registry keys for service avgfws9 are not present
2011-11-10 02:57:52,578 INFO Processing service avg9wd
2011-11-10 02:57:52,578 INFO Service avg9wd is not installed
2011-11-10 02:57:52,578 DEBUG Service avg9wd RegCleanup
2011-11-10 02:57:52,578 DEBUG Registry keys for service avg9wd are not present
2011-11-10 02:57:52,578 INFO Processing service AVGIDSAgent
2011-11-10 02:57:52,578 INFO Service AVGIDSAgent is not installed
2011-11-10 02:57:52,578 DEBUG Service AVGIDSAgent RegCleanup
2011-11-10 02:57:52,578 DEBUG Registry keys for service AVGIDSAgent are not present
2011-11-10 02:57:52,578 INFO Processing service AVGIDSShimxpx
2011-11-10 02:57:52,578 INFO Service AVGIDSShimxpx is not installed
2011-11-10 02:57:52,578 DEBUG Service AVGIDSShimxpx RegCleanup
2011-11-10 02:57:52,578 DEBUG Registry keys for service AVGIDSShimxpx are not present
2011-11-10 02:57:52,578 INFO Processing service AVGIDSFilterxpx
2011-11-10 02:57:52,578 INFO Service AVGIDSFilterxpx is not installed
2011-11-10 02:57:52,578 DEBUG Service AVGIDSFilterxpx RegCleanup
2011-11-10 02:57:52,578 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2011-11-10 02:57:52,578 INFO Processing service AVGIDSDriverxpx
2011-11-10 02:57:52,578 INFO Service AVGIDSDriverxpx is not installed
2011-11-10 02:57:52,578 DEBUG Service AVGIDSDriverxpx RegCleanup
2011-11-10 02:57:52,578 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2011-11-10 02:57:52,578 INFO Processing service AVGIDSShimvtx
2011-11-10 02:57:52,578 INFO Service AVGIDSShimvtx is not installed
2011-11-10 02:57:52,593 DEBUG Service AVGIDSShimvtx RegCleanup
2011-11-10 02:57:52,593 DEBUG Registry keys for service AVGIDSShimvtx are not present
2011-11-10 02:57:52,593 INFO Processing service AVGIDSFiltervtx
2011-11-10 02:57:52,593 INFO Service AVGIDSFiltervtx is not installed
2011-11-10 02:57:52,593 DEBUG Service AVGIDSFiltervtx RegCleanup
2011-11-10 02:57:52,593 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2011-11-10 02:57:52,593 INFO Processing service AVGIDSDrivervtx
2011-11-10 02:57:52,593 INFO Service AVGIDSDrivervtx is not installed
2011-11-10 02:57:52,593 DEBUG Service AVGIDSDrivervtx RegCleanup
2011-11-10 02:57:52,593 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2011-11-10 02:57:52,593 INFO Processing service AVGIDSFiltervta
2011-11-10 02:57:52,593 INFO Service AVGIDSFiltervta is not installed
2011-11-10 02:57:52,593 DEBUG Service AVGIDSFiltervta RegCleanup
2011-11-10 02:57:52,593 DEBUG Registry keys for service AVGIDSFiltervta are not present
2011-11-10 02:57:52,593 INFO Processing service AVGIDSDrivervta
2011-11-10 02:57:52,593 INFO Service AVGIDSDrivervta is not installed
2011-11-10 02:57:52,593 DEBUG Service AVGIDSDrivervta RegCleanup
2011-11-10 02:57:52,593 DEBUG Registry keys for service AVGIDSDrivervta are not present
2011-11-10 02:57:52,593 INFO Processing service AVGIDSShimw7x
2011-11-10 02:57:52,593 INFO Service AVGIDSShimw7x is not installed
2011-11-10 02:57:52,593 DEBUG Service AVGIDSShimw7x RegCleanup
2011-11-10 02:57:52,593 DEBUG Registry keys for service AVGIDSShimw7x are not present
2011-11-10 02:57:52,593 INFO Processing service AVGIDSFilterw7x
2011-11-10 02:57:52,593 INFO Service AVGIDSFilterw7x is not installed
2011-11-10 02:57:52,593 DEBUG Service AVGIDSFilterw7x RegCleanup
2011-11-10 02:57:52,593 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2011-11-10 02:57:52,593 INFO Processing service AVGIDSDriverw7x
2011-11-10 02:57:52,593 INFO Service AVGIDSDriverw7x is not installed
2011-11-10 02:57:52,593 DEBUG Service AVGIDSDriverw7x RegCleanup
2011-11-10 02:57:52,593 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2011-11-10 02:57:52,593 INFO Processing service AVGIDSFilterw7a
2011-11-10 02:57:52,609 INFO Service AVGIDSFilterw7a is not installed
2011-11-10 02:57:52,609 DEBUG Service AVGIDSFilterw7a RegCleanup
2011-11-10 02:57:52,609 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2011-11-10 02:57:52,609 INFO Processing service AVGIDSDriverw7a
2011-11-10 02:57:52,609 INFO Service AVGIDSDriverw7a is not installed
2011-11-10 02:57:52,609 DEBUG Service AVGIDSDriverw7a RegCleanup
2011-11-10 02:57:52,609 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2011-11-10 02:57:52,609 INFO Processing service AVGIDSErHrxpx
2011-11-10 02:57:52,609 INFO Service AVGIDSErHrxpx is not installed
2011-11-10 02:57:52,609 DEBUG Service AVGIDSErHrxpx RegCleanup
2011-11-10 02:57:52,609 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2011-11-10 02:57:52,609 INFO Processing service AVGIDSErHrvtx
2011-11-10 02:57:52,609 INFO Service AVGIDSErHrvtx is not installed
2011-11-10 02:57:52,609 DEBUG Service AVGIDSErHrvtx RegCleanup
2011-11-10 02:57:52,609 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2011-11-10 02:57:52,609 INFO Processing service AVGIDSErHrvta
2011-11-10 02:57:52,609 INFO Service AVGIDSErHrvta is not installed
2011-11-10 02:57:52,609 DEBUG Service AVGIDSErHrvta RegCleanup
2011-11-10 02:57:52,609 DEBUG Registry keys for service AVGIDSErHrvta are not present
2011-11-10 02:57:52,609 INFO Processing service AVGIDSErHrw7x
2011-11-10 02:57:52,609 INFO Service AVGIDSErHrw7x is not installed
2011-11-10 02:57:52,609 DEBUG Service AVGIDSErHrw7x RegCleanup
2011-11-10 02:57:52,609 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2011-11-10 02:57:52,609 INFO Processing service AVGIDSErHrw7a
2011-11-10 02:57:52,609 INFO Service AVGIDSErHrw7a is not installed
2011-11-10 02:57:52,625 DEBUG Service AVGIDSErHrw7a RegCleanup
2011-11-10 02:57:52,625 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2011-11-10 02:57:52,625 INFO ***** Registry keys and values *****
2011-11-10 02:57:52,625 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2011-11-10 02:57:52,625 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2011-11-10 02:57:52,625 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2011-11-10 02:57:52,625 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2011-11-10 02:57:52,625 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2011-11-10 02:57:52,625 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2011-11-10 02:57:52,625 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2011-11-10 02:57:52,625 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2011-11-10 02:57:52,625 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2011-11-10 02:57:52,625 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2011-11-10 02:57:52,625 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2011-11-10 02:57:52,625 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2011-11-10 02:57:52,625 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2011-11-10 02:57:52,625 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2011-11-10 02:57:52,625 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2011-11-10 02:57:52,625 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2011-11-10 02:57:52,640 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2011-11-10 02:57:52,640 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2011-11-10 02:57:52,640 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2011-11-10 02:57:52,640 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2011-11-10 02:57:52,640 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2011-11-10 02:57:52,640 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2011-11-10 02:57:52,640 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2011-11-10 02:57:52,640 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2011-11-10 02:57:52,640 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-11-10 02:57:52,640 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-11-10 02:57:52,640 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-11-10 02:57:52,640 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2011-11-10 02:57:52,640 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2011-11-10 02:57:52,640 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2011-11-10 02:57:52,640 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-11-10 02:57:52,640 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-11-10 02:57:52,640 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-11-10 02:57:52,640 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2011-11-10 02:57:52,640 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2011-11-10 02:57:52,640 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2011-11-10 02:57:52,640 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2011-11-10 02:57:52,656 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2011-11-10 02:57:52,656 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2011-11-10 02:57:52,656 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2011-11-10 02:57:52,656 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2011-11-10 02:57:52,656 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs doesn't need to be modified
2011-11-10 02:57:52,656 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-11-10 02:57:52,656 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2011-11-10 02:57:52,656 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2011-11-10 02:57:52,656 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-11-10 02:57:52,656 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2011-11-10 02:57:52,656 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2011-11-10 02:57:52,656 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-11-10 02:57:52,656 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2011-11-10 02:57:52,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2011-11-10 02:57:52,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-11-10 02:57:52,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2011-11-10 02:57:52,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2011-11-10 02:57:52,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-11-10 02:57:52,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2011-11-10 02:57:52,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2011-11-10 02:57:52,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-11-10 02:57:52,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2011-11-10 02:57:52,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2011-11-10 02:57:52,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2011-11-10 02:57:52,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2011-11-10 02:57:52,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2011-11-10 02:57:52,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2011-11-10 02:57:52,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2011-11-10 02:57:52,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2011-11-10 02:57:52,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2011-11-10 02:57:52,687 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2011-11-10 02:57:52,687 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2011-11-10 02:57:52,687 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2011-11-10 02:57:52,687 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2011-11-10 02:57:52,687 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2011-11-10 02:57:52,687 INFO Processing registry SOFTWARE\Classes\.avgdi
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\.avgdi not found
2011-11-10 02:57:52,687 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-11-10 02:57:52,687 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-11-10 02:57:52,687 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-11-10 02:57:52,687 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\AVG\Clients
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\Clients not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\AVG\AVG8
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\AVG8 not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\AVG\AVG9
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\AVG9 not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\AVG\AVG IDS
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\AVG
2011-11-10 02:57:52,703 DEBUG Value SOFTWARE\AVG:DumpType Remove
2011-11-10 02:57:52,703 DEBUG Value SOFTWARE\AVG:DumpType not present - Key not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\AVG
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG Remove
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\AVG Security Toolbar
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\AVG\AVG8
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\AVG8 not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\AVG\AVG9
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG\AVG9 not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\AVG
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG Remove
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\AVG Security Toolbar
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2011-11-10 02:57:52,703 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2011-11-10 02:57:52,703 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2011-11-10 02:57:52,718 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2011-11-10 02:57:52,718 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2011-11-10 02:57:52,718 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-11-10 02:57:52,718 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-11-10 02:57:52,718 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-11-10 02:57:52,718 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2011-11-10 02:57:52,718 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2011-11-10 02:57:52,718 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2011-11-10 02:57:52,718 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-11-10 02:57:52,718 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-11-10 02:57:52,718 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-11-10 02:57:52,718 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2011-11-10 02:57:52,718 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2011-11-10 02:57:52,718 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2011-11-10 02:57:52,718 INFO Processing registry aAvgAPI.AvgBro
2011-11-10 02:57:52,734 DEBUG Key aAvgAPI.AvgBro ForceRemove
2011-11-10 02:57:52,734 DEBUG Key aAvgAPI.AvgBro not found
2011-11-10 02:57:52,734 INFO Processing registry AVG.Office
2011-11-10 02:57:52,734 DEBUG Key AVG.Office ForceRemove
2011-11-10 02:57:52,734 DEBUG Key AVG.Office not found
2011-11-10 02:57:52,734 INFO Processing registry AVG.Office.8
2011-11-10 02:57:52,734 DEBUG Key AVG.Office.8 ForceRemove
2011-11-10 02:57:52,734 DEBUG Key AVG.Office.8 not found
2011-11-10 02:57:52,734 INFO Processing registry avgtoolbar.AVGTOOLBAR
2011-11-10 02:57:52,734 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2011-11-10 02:57:52,734 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2011-11-10 02:57:52,734 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2011-11-10 02:57:52,734 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2011-11-10 02:57:52,734 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2011-11-10 02:57:52,734 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2011-11-10 02:57:52,734 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2011-11-10 02:57:52,734 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2011-11-10 02:57:52,734 INFO Processing registry LinkScannerIE.NavFilter
2011-11-10 02:57:52,734 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2011-11-10 02:57:52,734 DEBUG Key LinkScannerIE.NavFilter not found
2011-11-10 02:57:52,734 INFO Processing registry LinkScannerIE.NavFilter.1
2011-11-10 02:57:52,734 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2011-11-10 02:57:52,734 DEBUG Key LinkScannerIE.NavFilter.1 not found
2011-11-10 02:57:52,734 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2011-11-10 02:57:52,750 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2011-11-10 02:57:52,750 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2011-11-10 02:57:52,750 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2011-11-10 02:57:52,750 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2011-11-10 02:57:52,750 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2011-11-10 02:57:52,750 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2011-11-10 02:57:52,750 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2011-11-10 02:57:52,750 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2011-11-10 02:57:52,750 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2011-11-10 02:57:52,750 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2011-11-10 02:57:52,750 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2011-11-10 02:57:52,750 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2011-11-10 02:57:52,750 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2011-11-10 02:57:52,750 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2011-11-10 02:57:52,750 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2011-11-10 02:57:52,750 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2011-11-10 02:57:52,750 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2011-11-10 02:57:52,750 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2011-11-10 02:57:52,765 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2011-11-10 02:57:52,765 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2011-11-10 02:57:52,765 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2011-11-10 02:57:52,765 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2011-11-10 02:57:52,765 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2011-11-10 02:57:52,765 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2011-11-10 02:57:52,765 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2011-11-10 02:57:52,765 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2011-11-10 02:57:52,765 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2011-11-10 02:57:52,765 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2011-11-10 02:57:52,765 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2011-11-10 02:57:52,765 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2011-11-10 02:57:52,765 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2011-11-10 02:57:52,765 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2011-11-10 02:57:52,765 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-11-10 02:57:52,765 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-11-10 02:57:52,765 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-11-10 02:57:52,765 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2011-11-10 02:57:52,765 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2011-11-10 02:57:52,781 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2011-11-10 02:57:52,781 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2011-11-10 02:57:52,781 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2011-11-10 02:57:52,781 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2011-11-10 02:57:52,781 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2011-11-10 02:57:52,781 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2011-11-10 02:57:52,781 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2011-11-10 02:57:52,781 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2011-11-10 02:57:52,781 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2011-11-10 02:57:52,781 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2011-11-10 02:57:52,781 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2011-11-10 02:57:52,781 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2011-11-10 02:57:52,781 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2011-11-10 02:57:52,781 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2011-11-10 02:57:52,781 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2011-11-10 02:57:52,781 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found
2011-11-10 02:57:52,781 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-11-10 02:57:52,781 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-11-10 02:57:52,781 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-11-10 02:57:52,781 INFO ***** Files and folders *****
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 0
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 1
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 2
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 3
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 4
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 5
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 6
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 7
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 8
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 9
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 10
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 11
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 12
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 13
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 14
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 15
2011-11-10 02:57:52,796 DEBUG Missing ParentDir path for fileItem number 16
2011-11-10 02:57:52,796 DEBUG Processing item C:\Documents and Settings\John\Application Data\AVGTOOLBAR
2011-11-10 02:57:52,796 INFO Directory C:\Documents and Settings\John\Application Data\AVGTOOLBAR not found
2011-11-10 02:57:52,796 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-11-10 02:57:52,796 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0
2011-11-10 02:57:52,796 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0 not found
2011-11-10 02:57:52,796 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0
2011-11-10 02:57:52,796 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0 not found
2011-11-10 02:57:52,796 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5
2011-11-10 02:57:52,796 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5 not found
2011-11-10 02:57:52,796 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5
2011-11-10 02:57:52,796 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5 not found
2011-11-10 02:57:52,796 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk
2011-11-10 02:57:52,796 INFO File C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk not found
2011-11-10 02:57:52,796 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk
2011-11-10 02:57:52,796 INFO File C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk not found
2011-11-10 02:57:52,812 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk
2011-11-10 02:57:52,812 INFO File C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk not found
2011-11-10 02:57:52,812 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk
2011-11-10 02:57:52,812 INFO File C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk not found
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 27
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 28
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 29
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 30
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 31
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 32
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 33
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 34
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 35
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 36
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 37
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 38
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 39
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 40
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 41
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 42
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 43
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 44
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 45
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 46
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 47
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 48
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 49
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 50
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 51
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 52
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 53
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 54
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 55
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 56
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 57
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 58
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 59
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 60
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 61
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 62
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 63
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 64
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 65
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 66
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 67
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 68
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 69
2011-11-10 02:57:52,812 DEBUG Missing ParentDir path for fileItem number 70
2011-11-10 02:57:52,812 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages
2011-11-10 02:57:52,812 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found
2011-11-10 02:57:52,812 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2011-11-10 02:57:52,812 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found
2011-11-10 02:57:52,812 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-11-10 02:57:52,812 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk
2011-11-10 02:57:52,812 INFO File C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk not found
2011-11-10 02:57:52,828 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk
2011-11-10 02:57:52,828 INFO File C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk not found
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 76
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 77
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 78
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 79
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 80
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 81
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 82
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 83
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 84
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 85
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 86
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 87
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 88
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 89
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 90
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 91
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 92
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 93
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 94
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 95
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 96
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 97
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 98
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 99
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 100
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 101
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 102
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 103
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 104
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 105
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 106
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 107
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 108
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 109
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 110
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 111
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 112
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 113
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 114
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 115
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 116
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 117
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 118
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 119
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 120
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 121
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 122
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 123
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 124
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 125
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 126
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 127
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 128
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 129
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 130
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 131
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 132
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 133
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 134
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 135
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 136
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 137
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 138
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 139
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 140
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 141
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 142
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 143
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 144
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 145
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 146
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 147
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 148
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 149
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 150
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 151
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 152
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 153
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 154
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 155
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 156
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 157
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 158
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 159
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 160
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 161
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 162
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 163
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 164
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 165
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 166
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 167
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 168
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 169
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 170
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 171
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 172
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 173
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 174
2011-11-10 02:57:52,828 DEBUG Missing ParentDir path for fileItem number 175
2011-11-10 02:57:52,843 DEBUG Missing ParentDir path for fileItem number 176
2011-11-10 02:57:52,843 DEBUG Missing ParentDir path for fileItem number 177
2011-11-10 02:57:52,843 DEBUG Missing ParentDir path for fileItem number 178
2011-11-10 02:57:52,843 DEBUG Missing ParentDir path for fileItem number 179
2011-11-10 02:57:52,843 DEBUG Missing ParentDir path for fileItem number 180
2011-11-10 02:57:52,843 DEBUG Missing ParentDir path for fileItem number 181
2011-11-10 02:57:52,843 DEBUG Missing ParentDir path for fileItem number 182
2011-11-10 02:57:52,843 DEBUG Missing ParentDir path for fileItem number 183
2011-11-10 02:57:52,843 DEBUG Missing ParentDir path for fileItem number 184
2011-11-10 02:57:52,843 DEBUG Missing ParentDir path for fileItem number 185
2011-11-10 02:57:52,843 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-11-10 02:57:52,843 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-11-10 02:57:52,843 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-11-10 02:57:52,843 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-11-10 02:57:52,843 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-11-10 02:57:52,843 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg
2011-11-10 02:57:52,843 INFO Directory C:\WINDOWS\System32\Drivers\avg not found
2011-11-10 02:57:52,843 DEBUG Processing item C:\WINDOWS\System32
2011-11-10 02:57:52,843 DEBUG Processing item C:\Program Files\AVG
2011-11-10 02:57:52,843 INFO Directory C:\Program Files\AVG not found
2011-11-10 02:57:52,843 DEBUG Missing ParentDir path for fileItem number 194
2011-11-10 02:57:52,843 INFO ***** Avg Fw NDIS driver *****
2011-11-10 02:57:53,078 INFO FW NDIS driver not present

#9 jaguiar45

jaguiar45
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California, USA
  • Local time:05:49 PM

Posted 10 November 2011 - 08:59 AM

It happened again with the computer, I was reading and all of the sudden it slipped down to the bottom of the page and I couldn't move it back up and the blinking line in all search bars started moving left to right on it's own and had to go to safe mode and run full scans of; Malwarebytes, Superantispyware, and Avira and left them overnight. They didn't find anything but the computer isn't doing anything now. I was looking at the log of OTL and ran it through hijack logfiles(answertung?) and the 01 part said I should remove almost all of them and 020 said I had a "nasty" but, as I have learned, I did not try to remove anything until I hear from someone who knows what they are doing and am hoping to hear some instructions as soon as possible! -Thanks, John

#10 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:49 AM

Posted 10 November 2011 - 05:53 PM

I did not try to remove anything until I hear from someone who knows what they are doing


Quite right :thumbup2: I see some possible malware traces but nothing that would be causing the kind of symptoms you are describing.


Please open OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
SRV - (getPlusHelper) getPlus® -- File not found
DRV - (AVGIDSEH) -- File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\RunOnceEx: [] File not found
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - Reg Error: Key error. File not found
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - Reg Error: Key error. File not found
[2010/02/03 12:46:05 | 000,016,852 | -HS- | C] () -- C:\Documents and Settings\John\Local Settings\Application Data\6j3B46
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:42D9E231
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"


Then click the Run Fix button at the top

Let the program run unhindered.

When done it will say "Fix Complete press ok to open the log"
Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


Please run aswMBR

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Posted Image
m0le is a proud member of UNITE

#11 jaguiar45

jaguiar45
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California, USA
  • Local time:05:49 PM

Posted 10 November 2011 - 07:20 PM

Here they are thanks so far.



========== OTL ==========
Service getPlusHelper stopped successfully!
Service getPlusHelper deleted successfully!
File File not found not found.
Service AVGIDSEH stopped successfully!
Service AVGIDSEH deleted successfully!
File File not found not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4248FE82-7FCB-46AC-B270-339F08212110}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4248FE82-7FCB-46AC-B270-339F08212110}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CCF151D8-D089-449F-A5A4-D9909053F20F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCF151D8-D089-449F-A5A4-D9909053F20F}\ not found.
C:\Documents and Settings\John\Local Settings\Application Data\6j3B46 moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:42D9E231 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!

OTL by OldTimer - Version 3.2.31.0 log created on 11102011_160220


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-10 16:05:46
-----------------------------
16:05:46.437 OS Version: Windows 5.1.2600 Service Pack 3
16:05:46.437 Number of processors: 2 586 0x403
16:05:46.437 ComputerName: AGUIAR-HOME UserName: John
16:05:48.375 Initialize success
16:08:48.406 AVAST engine defs: 11111001
16:08:57.687 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
16:08:57.687 Disk 0 Vendor: WDC_WD2000JD-22HBB0 08.02D08 Size: 190782MB BusType: 3
16:08:59.718 Disk 0 MBR read successfully
16:08:59.718 Disk 0 MBR scan
16:08:59.796 Disk 0 Windows XP default MBR code
16:08:59.796 Disk 0 scanning sectors +390700800
16:08:59.859 Disk 0 scanning C:\WINDOWS\system32\drivers
16:09:20.093 Service scanning
16:09:20.500 Service vsdatant C:\WINDOWS\System32\vsdatant.sys **LOCKED** 32
16:09:21.015 Modules scanning
16:09:24.125 Disk 0 trace - called modules:
16:09:24.140 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
16:09:24.140 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a6a6ab8]
16:09:24.140 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x8a661d98]
16:09:24.656 AVAST engine scan C:\WINDOWS
16:09:32.250 AVAST engine scan C:\WINDOWS\system32
16:11:54.593 AVAST engine scan C:\WINDOWS\system32\drivers
16:12:10.203 AVAST engine scan C:\Documents and Settings\John
16:16:13.828 AVAST engine scan C:\Documents and Settings\All Users
16:17:06.593 Scan finished successfully
16:17:22.078 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\John\Desktop\MBR.dat"
16:17:22.093 The log file has been saved successfully to "C:\Documents and Settings\John\Desktop\aswMBR.txt"

#12 jaguiar45

jaguiar45
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California, USA
  • Local time:05:49 PM

Posted 11 November 2011 - 06:50 PM

Hello?! Are we done?

#13 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:49 AM

Posted 11 November 2011 - 06:58 PM

Why do you think we're done?

Let's revisit MBAM and SAS and see if anything remains. If you have a more up to date log than the October ones you mention in your first post then post those instead.

Please download Posted Image Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application or, if you are using Vista, right-click and select Run As Administrator on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    If MBAM won't update then download and update MBAM on a clean computer then save the rules.ref folder to a memory stick. This file is found here: 'C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware' then transfer it across to the infected computer.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.


Then run SAS

Download Superantispyware
  • Load Superantispyware and click the check for updates button.
  • Once the update is finished click the scan your computer button.
  • Check Perform Complete Scan and then next.
  • Superantispyware will now scan your computer and when its finished it will list all the infections it has found.
  • Make sure that they all have a check next to them and press next.
  • Click finish and you will be taken back to the main interface.
  • Click Preferences and then click the statistics/logs tab. Click the dated log and press view log and a text file will appear.
  • Copy and paste the log onto the forum.

Posted Image
m0le is a proud member of UNITE

#14 jaguiar45

jaguiar45
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California, USA
  • Local time:05:49 PM

Posted 11 November 2011 - 10:37 PM

Here they are. I also wanted to ask a question, do you think registry cleaners are a good idea? I was reading someone else's stuff on Bleeping Computer and he said you should never use one and I use one all the time. Do they even work to clean the registry? Thanks, John



Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8143

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/11/2011 6:32:58 PM
mbam-log-2011-11-11 (18-32-58).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 225521
Time elapsed: 44 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/11/2011 at 07:28 PM

Application Version : 5.0.1136

Core Rules Database Version : 7937
Trace Rules Database Version: 5749

Scan type : Complete Scan
Total Scan Time : 00:42:25

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 433
Memory threats detected : 0
Registry items scanned : 36900
Registry threats detected : 0
File items scanned : 43533
File threats detected : 192

Adware.Tracking Cookie
C:\Documents and Settings\John\Cookies\9PCWW4HO.txt [ /revsci.net ]
C:\Documents and Settings\John\Cookies\RX7M0EET.txt [ /ads.bleepingcomputer.com ]
C:\Documents and Settings\John\Cookies\01TIS8CV.txt [ /kontera.com ]
msnbcmedia.msn.com [ C:\DOCUMENTS AND SETTINGS\JOHN\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PPFLX78Q ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
sales.liveperson.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.r1-ads.ace.advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.akamai.interclickproxy.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.msnbc.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mm.chitika.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gsimedia.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gsimedia.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\JOHN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

#15 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:49 AM

Posted 12 November 2011 - 07:59 AM

do you think registry cleaners are a good idea? I was reading someone else's stuff on Bleeping Computer and he said you should never use one and I use one all the time. Do they even work to clean the registry?


Well, it's not really possible to clean the registry. They are settings for your machine and, as such, don't take up memory so removing them won't speed up your machine unless what you are removing are malicious registry entries.

We use this information below to explain BC's standpoint.

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:

Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.

Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.

Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.

Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.

The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.

Please now scan with ESET's online scan tool

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • Copy and paste the resulting log in your next reply
If no log is generated that means nothing was found. Please let me know if this happens.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users